From 1d531047130e09b2052539806f5cecbfe700abf9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= Date: Tue, 23 Jan 2024 15:46:25 +0100 Subject: [PATCH] Avoid duplicate code Simplify the 2 alternatives, merge them to a single one in case the code is the same in both alternatives. --- src/OVAL/probes/crapi/sha2.c | 324 ++++++++++------------------------- 1 file changed, 89 insertions(+), 235 deletions(-) diff --git a/src/OVAL/probes/crapi/sha2.c b/src/OVAL/probes/crapi/sha2.c index a90bf6751a..21c22772ba 100644 --- a/src/OVAL/probes/crapi/sha2.c +++ b/src/OVAL/probes/crapi/sha2.c @@ -36,8 +36,21 @@ #if defined(HAVE_NSS3) #include +#define CRAPI_ALGO_SHA224 HASH_AlgSHA224 +#define CRAPI_ALGO_SHA256 HASH_AlgSHA256 +#define CRAPI_ALGO_SHA384 HASH_AlgSHA384 +#define CRAPI_ALGO_SHA512 HASH_AlgSHA512 +#elif defined(HAVE_GCRYPT) +#include +#define CRAPI_ALGO_SHA224 GCRY_MD_SHA224 +#define CRAPI_ALGO_SHA256 GCRY_MD_SHA256 +#define CRAPI_ALGO_SHA384 GCRY_MD_SHA384 +#define CRAPI_ALGO_SHA512 GCRY_MD_SHA512 +#else +#error "No crypto library available!" +#endif -static int crapi_sha2_fd (HASH_HashType algo, int fd, void *dst, size_t *size) +static int crapi_sha2_fd (int algo, int fd, void *dst, size_t *size) { struct stat st; void *buffer; @@ -47,7 +60,11 @@ static int crapi_sha2_fd (HASH_HashType algo, int fd, void *dst, size_t *size) errno = EFAULT; return -1; } +#if defined(HAVE_NSS3) if (*size < HASH_ResultLen(algo)) { +#elif defined(HAVE_GCRYPT) + if (*size < gcry_md_get_algo_dlen(algo)) { +#endif errno = ENOBUFS; return -1; } 
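Review bot: The size check in `crapi_sha2_fd` opens its `if (` inside the `#if`/`#elif` branches while the brace and body are shared, which is fragile under later edits and defeats brace matching in editors and static-analysis tools. Defining the digest-length lookup next to the `CRAPI_ALGO_*` macros, `#define CRAPI_SHA2_DLEN(a) HASH_ResultLen(a)` for NSS and `#define CRAPI_SHA2_DLEN(a) gcry_md_get_algo_dlen(a)` for gcrypt, lets the check be written once as `if (*size < CRAPI_SHA2_DLEN(algo)) {`. The same macro would serve the gcrypt `memcpy` lengths further down. The body of `crapi_sha2_fd` continues beyond this hunk.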
@@ -65,17 +82,26 @@ static int crapi_sha2_fd (HASH_HashType algo, int fd, void *dst, size_t *size) if (buffer == NULL) { #endif /* _FILE_OFFSET_BITS == 32 */ uint8_t _buffer[CRAPI_IO_BUFSZ]; - HASHContext *ctx; ssize_t ret; buffer = _buffer; +#if defined(HAVE_NSS3) + HASHContext *ctx; ctx = HASH_Create (algo); if (ctx == NULL) return (-1); +#elif defined(HAVE_GCRYPT) + gcry_md_hd_t hd; + gcry_md_open (&hd, algo, 0); +#endif while ((ret = read (fd, buffer, sizeof _buffer)) == sizeof _buffer) +#if defined(HAVE_NSS3) HASH_Update (ctx, (const unsigned char *)buffer, (unsigned int) sizeof _buffer); +#elif defined(HAVE_GCRYPT) + gcry_md_write (hd, (const void *)buffer, sizeof _buffer); +#endif switch (ret) { case 0: @@ -84,17 +110,37 @@ static int crapi_sha2_fd (HASH_HashType algo, int fd, void *dst, size_t *size) return (-1); default: if (ret <= 0) { +#if defined(HAVE_NSS3) HASH_Destroy(ctx); +#elif defined(HAVE_GCRYPT) + gcry_md_close(hd); +#endif return -1; } +#if defined(HAVE_NSS3) HASH_Update (ctx, (const unsigned char *)buffer, (unsigned int) ret); +#elif defined(HAVE_GCRYPT) + gcry_md_write (hd, (const void *)buffer, (size_t)ret); +#endif } +#if defined(HAVE_NSS3) HASH_End (ctx, dst, (unsigned int *)size, *size); HASH_Destroy (ctx); +#elif defined(HAVE_GCRYPT) + gcry_md_final (hd); + + buffer = (void *)gcry_md_read (hd, algo); + memcpy (dst, buffer, gcry_md_get_algo_dlen (algo)); + gcry_md_close (hd); +#endif #if _FILE_OFFSET_BITS == 32 } else { +#if defined(HAVE_NSS3) HASH_HashBuf (algo, (unsigned char *)dst, (unsigned char *)buffer, (unsigned int)buflen); +#elif defined(HAVE_GCRYPT) + gcry_md_hash_buffer (algo, dst, (const void *)buffer, buflen); +#endif munmap (buffer, buflen); } #endif /* _FILE_OFFSET_BITS == 32 */ 
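Review bot: The `gcry_md_open (&hd, algo, 0);` call added in the read-loop branch ignores its return value, whereas `crapi_sha2_init` in this same patch tests it with `!= 0`. If the open fails, for instance because the algorithm is unavailable in the library's current mode, `hd` is passed uninitialised to `gcry_md_write`. Writing `if (gcry_md_open (&hd, algo, 0) != 0) return (-1);` matches the NSS branch's `ctx == NULL` handling. The context line `if (buffer == NULL)` also looks wrong for `mmap`, which reports failure as `MAP_FAILED`; the call itself is outside this hunk (it is visible only in the removed gcrypt copy), so confirm against the full file.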
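Review bot: The `return (-1);` context line that opens this hunk (judging by the removed gcrypt copy, the `case -1:` arm of the switch) leaves after a failed `read` without `HASH_Destroy`/`gcry_md_close`, while the `default` arm just below does release the context. Deleting that arm lets `ret == -1` reach `default`, where the existing `if (ret <= 0)` cleanup already covers it. The two backends also disagree on `*size`: NSS stores the digest length through `(unsigned int *)size`, which writes only four of the eight bytes of a `size_t` on LP64 targets, and the gcrypt branch never updates it. A local `unsigned int len` passed to `HASH_End` followed by `*size = len;`, with `*size = gcry_md_get_algo_dlen (algo);` in the gcrypt branch, would make them agree. The merge also drops the old gcrypt comment warning that `gcry_md_hash_buffer` aborts the process on an unavailable algorithm (FIPS); it is worth keeping above that call.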
@@ -103,7 +149,11 @@ static int crapi_sha2_fd (HASH_HashType algo, int fd, void *dst, size_t *size) } struct crapi_sha2_ctx { +#if defined(HAVE_NSS3) HASHContext *ctx; +#elif defined(HAVE_GCRYPT) + gcry_md_hd_t ctx; +#endif void *dst; size_t *size; }; 
@@ -112,269 +162,76 @@ static void *crapi_sha2_init (void *dst, void *size, int alg) { struct crapi_sha2_ctx *ctx = malloc(sizeof(struct crapi_sha2_ctx)); +#if defined(HAVE_NSS3) ctx->ctx = HASH_Create (alg); +#elif defined(HAVE_GCRYPT) + if (gcry_md_open (&ctx->ctx, alg, 0) != 0) { + free(ctx); + return NULL; + } +#endif ctx->dst = dst; ctx->size = size; +#if defined(HAVE_NSS3) if (ctx->ctx != NULL) { HASH_Begin (ctx->ctx); } else { free (ctx); ctx = NULL; } +#endif return (ctx); } static int crapi_sha2_update (void *ctxp, void *bptr, size_t blen) { - struct crapi_sha2_ctx *ctx = (struct crapi_sha1_ctx *)ctxp; + struct crapi_sha2_ctx *ctx = (struct crapi_sha2_ctx *)ctxp; +#if defined(HAVE_NSS3) HASH_Update (ctx->ctx, (const unsigned char *)bptr, (unsigned int)blen); +#elif defined(HAVE_GCRYPT) + gcry_md_write (ctx->ctx, (const void *)bptr, blen); +#endif return (0); } -static int crapi_sha2_fini (void *ctxp) +static int crapi_sha2_fini (void *ctxp, int alg) { struct crapi_sha2_ctx *ctx = (struct crapi_sha2_ctx *)ctxp; +#if defined(HAVE_NSS3) HASH_End (ctx->ctx, ctx->dst, (unsigned int *)ctx->size, *ctx->size); HASH_Destroy (ctx->ctx); - free (ctx); - - return (0); -} - -static void crapi_sha2_free (void *ctxp) -{ - struct crapi_sha2_ctx *ctx = (struct crapi_sha1_ctx *)ctxp; - - HASH_Destroy (ctx->ctx); - free (ctx); - - return; -} - -void *crapi_sha224_init (void *dst, void *size) -{ - return crapi_sha2_init(dst, size, HASH_AlgSHA224); -} - -int crapi_sha224_update (void *ctxp, void *bptr, size_t blen) -{ - return crapi_sha2_update(ctxp, bptr, blen); -} - -int crapi_sha224_fini (void *ctxp) -{ - return crapi_sha2_fini(ctxp); -} - -void crapi_sha224_free (void *ctxp) -{ - crapi_sha2_free(ctxp); -} - -int crapi_sha224_fd (int fd, void *dst, size_t *size) -{ - return crapi_sha2_fd (HASH_AlgSHA224, fd, dst, size); -} - -void *crapi_sha256_init (void *dst, void *size) -{ - return crapi_sha2_init(dst, size, HASH_AlgSHA256); -} - -int crapi_sha256_update (void *ctxp, 
void *bptr, size_t blen) -{ - return crapi_sha2_update(ctxp, bptr, blen); -} - -int crapi_sha256_fini (void *ctxp) -{ - return crapi_sha2_fini(ctxp); -} - -void crapi_sha256_free (void *ctxp) -{ - crapi_sha2_free(ctxp); -} - -int crapi_sha256_fd (int fd, void *dst, size_t *size) -{ - return crapi_sha2_fd (HASH_AlgSHA256, fd, dst, size); -} - -void *crapi_sha384_init (void *dst, void *size) -{ - return crapi_sha2_init(dst, size, HASH_AlgSHA384); -} - -int crapi_sha384_update (void *ctxp, void *bptr, size_t blen) -{ - return crapi_sha2_update(ctxp, bptr, blen); -} - -int crapi_sha384_fini (void *ctxp) -{ - return crapi_sha2_fini(ctxp); -} - -void crapi_sha384_free (void *ctxp) -{ - crapi_sha2_free(ctxp); -} - -int crapi_sha384_fd (int fd, void *dst, size_t *size) -{ - return crapi_sha2_fd (HASH_AlgSHA384, fd, dst, size); -} - -void *crapi_sha512_init (void *dst, void *size) -{ - return crapi_sha2_init(dst, size, HASH_AlgSHA512); -} - -int crapi_sha512_update (void *ctxp, void *bptr, size_t blen) -{ - return crapi_sha2_update(ctxp, bptr, blen); -} - -int crapi_sha512_fini (void *ctxp) -{ - return crapi_sha2_fini(ctxp); -} - -void crapi_sha512_free (void *ctxp) -{ - crapi_sha2_free(ctxp); -} - -int crapi_sha512_fd (int fd, void *dst, size_t *size) -{ - return crapi_sha2_fd (HASH_AlgSHA512, fd, dst, size); -} - #elif defined(HAVE_GCRYPT) -#include - -static int crapi_sha2_fd (int algo, int fd, void *dst, size_t *size) -{ - struct stat st; - void *buffer; - size_t buflen; - - if (size == NULL || dst == NULL) { - errno = EFAULT; - return -1; - } - if (*size < gcry_md_get_algo_dlen(algo)) { - errno = ENOBUFS; - return -1; - } - - if (fstat (fd, &st) != 0) - return (-1); - else { -#if _FILE_OFFSET_BITS == 32 - buflen = st.st_size; -# if defined(OS_FREEBSD) - buffer = mmap (NULL, buflen, PROT_READ, MAP_SHARED | MAP_NOCORE, fd, 0); -# else - buffer = mmap (NULL, buflen, PROT_READ, MAP_SHARED, fd, 0); -# endif - if (buffer == NULL) { -#endif /* _FILE_OFFSET_BITS == 32 */ - 
uint8_t _buffer[CRAPI_IO_BUFSZ]; - gcry_md_hd_t hd; - ssize_t ret; - - buffer = _buffer; - gcry_md_open (&hd, algo, 0); - - while ((ret = read (fd, buffer, sizeof _buffer)) == sizeof _buffer) - gcry_md_write (hd, (const void *)buffer, sizeof _buffer); - - switch (ret) { - case 0: - break; - case -1: - return (-1); - default: - if (ret <= 0) { - gcry_md_close(hd); - return -1; - } - gcry_md_write (hd, (const void *)buffer, (size_t)ret); - } - - gcry_md_final (hd); - - buffer = (void *)gcry_md_read (hd, algo); - memcpy (dst, buffer, gcry_md_get_algo_dlen (algo)); - gcry_md_close (hd); -#if _FILE_OFFSET_BITS == 32 - } else { - /* XXX: FIPS: Note that this function will abort the process if an unavailable algorithm is used. */ - gcry_md_hash_buffer (algo, dst, (const void *)buffer, buflen); - munmap (buffer, buflen); - } -#endif /* _FILE_OFFSET_BITS == 32 */ - } - return (0); -} - -struct crapi_sha2_ctx { - gcry_md_hd_t ctx; - void *dst; - void *size; -}; - -static void *crapi_sha2_init(void *dst, void *size, int alg) -{ - struct crapi_sha2_ctx *ctx = malloc(sizeof(struct crapi_sha2_ctx)); - - if (gcry_md_open (&ctx->ctx, alg, 0) != 0) { - free(ctx); - return NULL; - } - - ctx->dst = dst; - ctx->size = size; - - return (ctx); -} - -static int crapi_sha2_update (void *ctxp, void *bptr, size_t blen) -{ - struct crapi_sha2_ctx *ctx = (struct crapi_sha2_ctx *)ctxp; - - gcry_md_write (ctx->ctx, (const void *)bptr, blen); - return (0); -} - -static int crapi_sha2_fini (void *ctxp, int alg) -{ - struct crapi_sha2_ctx *ctx = (struct crapi_sha2_ctx *)ctxp; void *buffer; gcry_md_final (ctx->ctx); buffer = (void *)gcry_md_read (ctx->ctx, alg); memcpy (ctx->dst, buffer, gcry_md_get_algo_dlen (alg)); gcry_md_close (ctx->ctx); - free(ctx); +#endif + free (ctx); return (0); } static void crapi_sha2_free (void *ctxp) { +#if defined(HAVE_NSS3) + struct crapi_sha2_ctx *ctx = (struct crapi_sha2_ctx *)ctxp; + + HASH_Destroy (ctx->ctx); + free (ctx); +#endif + return; } void 
*crapi_sha224_init (void *dst, void *size) { - return crapi_sha2_init(dst, size, GCRY_MD_SHA224); + return crapi_sha2_init(dst, size, CRAPI_ALGO_SHA224); } int crapi_sha224_update (void *ctxp, void *bptr, size_t blen) @@ -384,7 +241,7 @@ int crapi_sha224_update (void *ctxp, void *bptr, size_t blen) int crapi_sha224_fini (void *ctxp) { - return crapi_sha2_fini(ctxp, GCRY_MD_SHA224); + return crapi_sha2_fini(ctxp, CRAPI_ALGO_SHA224); } void crapi_sha224_free (void *ctxp) @@ -394,12 +251,12 @@ void crapi_sha224_free (void *ctxp) int crapi_sha224_fd (int fd, void *dst, size_t *size) { - return crapi_sha2_fd (GCRY_MD_SHA256, fd, dst, size); + return crapi_sha2_fd (CRAPI_ALGO_SHA224, fd, dst, size); } void *crapi_sha256_init (void *dst, void *size) { - return crapi_sha2_init(dst, size, GCRY_MD_SHA256); + return crapi_sha2_init(dst, size, CRAPI_ALGO_SHA256); } int crapi_sha256_update (void *ctxp, void *bptr, size_t blen) @@ -409,7 +266,7 @@ int crapi_sha256_update (void *ctxp, void *bptr, size_t blen) int crapi_sha256_fini (void *ctxp) { - return crapi_sha2_fini(ctxp, GCRY_MD_SHA256); + return crapi_sha2_fini(ctxp, CRAPI_ALGO_SHA256); } void crapi_sha256_free (void *ctxp) @@ -419,12 +276,12 @@ void crapi_sha256_free (void *ctxp) int crapi_sha256_fd (int fd, void *dst, size_t *size) { - return crapi_sha2_fd (GCRY_MD_SHA256, fd, dst, size); + return crapi_sha2_fd (CRAPI_ALGO_SHA256, fd, dst, size); } void *crapi_sha384_init (void *dst, void *size) { - return crapi_sha2_init(dst, size, GCRY_MD_SHA384); + return crapi_sha2_init(dst, size, CRAPI_ALGO_SHA384); } int crapi_sha384_update (void *ctxp, void *bptr, size_t blen) @@ -434,7 +291,7 @@ int crapi_sha384_update (void *ctxp, void *bptr, size_t blen) int crapi_sha384_fini (void *ctxp) { - return crapi_sha2_fini(ctxp, GCRY_MD_SHA384); + return crapi_sha2_fini(ctxp, CRAPI_ALGO_SHA384); } void crapi_sha384_free (void *ctxp) 
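Review bot: The merged `crapi_sha2_free` has an empty body when built with `HAVE_GCRYPT`, so a context abandoned before `crapi_sha2_fini` keeps both its `gcry_md_hd_t` handle and the `struct crapi_sha2_ctx` allocation, while the NSS branch releases both. Assuming callers use `_free` as the alternative to `_fini` (the NSS branch would double-free otherwise), the gcrypt branch should close the handle and share the `free (ctx)`, as sketched below. Separately, `crapi_sha2_init` dereferences the result of `malloc` without a NULL check in both branches; `if (ctx == NULL) return NULL;` ahead of the `#if` covers it. The new `int alg` parameter of `crapi_sha2_fini` is unused in the NSS branch and may trigger an unused-parameter warning there.

```c
static void crapi_sha2_free (void *ctxp)
{
	struct crapi_sha2_ctx *ctx = (struct crapi_sha2_ctx *)ctxp;

#if defined(HAVE_NSS3)
	HASH_Destroy (ctx->ctx);
#elif defined(HAVE_GCRYPT)
	gcry_md_close (ctx->ctx);
#endif
	free (ctx);
}
```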
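Review bot: The `crapi_sha224_fd` line changed here is a behaviour fix rather than deduplication, and nothing in the commit message records it. The removed gcrypt line passed `GCRY_MD_SHA256`, so libgcrypt builds returned a SHA-256 digest, and applied its 32-byte size check, from the SHA-224 entry point. Digests from that entry point will differ after this commit on gcrypt builds, so it deserves its own line in the message, e.g. `Fix crapi_sha224_fd using SHA-256 when built with libgcrypt`, and ideally a test against a known SHA-224 vector.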
@@ -444,12 +301,12 @@ void crapi_sha384_free (void *ctxp) int crapi_sha384_fd (int fd, void *dst, size_t *size) { - return crapi_sha2_fd (GCRY_MD_SHA384, fd, dst, size); + return crapi_sha2_fd (CRAPI_ALGO_SHA384, fd, dst, size); } void *crapi_sha512_init (void *dst, void *size) { - return crapi_sha2_init(dst, size, GCRY_MD_SHA512); + return crapi_sha2_init(dst, size, CRAPI_ALGO_SHA512); } int crapi_sha512_update (void *ctxp, void *bptr, size_t blen) @@ -459,7 +316,7 @@ int crapi_sha512_update (void *ctxp, void *bptr, size_t blen) int crapi_sha512_fini (void *ctxp) { - return crapi_sha2_fini(ctxp, GCRY_MD_SHA512); + return crapi_sha2_fini(ctxp, CRAPI_ALGO_SHA512); } void crapi_sha512_free (void *ctxp) @@ -469,8 +326,5 @@ void crapi_sha512_free (void *ctxp) int crapi_sha512_fd (int fd, void *dst, size_t *size) { - return crapi_sha2_fd (GCRY_MD_SHA512, fd, dst, size); + return crapi_sha2_fd (CRAPI_ALGO_SHA512, fd, dst, size); } -#else -# error "No crypto library available!" -#endif